Security keys are intended to protect against a remote attacker. You can always re-add it in future using the QR code or manually. I think this risk is small because 1Password only requires 2FA once per device, but if it concerns you, you can print/save the QR code and/or 2FA manual entry secret and delete the 2FA token from your authenticator app. The risk is that an attacker could trick you into using the authenticator app instead. As long as you always use the security key you will get the full benefit of this protection. The main security advantage of a hardware security key over an authenticator app is that it protects you from real-time man in the middle attacks. Sync Type: 1Password requires you to set-up an authenticator app because 1Password doesn't support secruity keys on all platforms. I would appreciate hearing your thoughts on this. With 1Password, several security keys as a second factor are supported at the same time - to my knowledge. My question now is - how can this be implemented when some services that support the usage of a security key only support one at a time? For example, if you can add only one security key on Dropbox as a second factor. Maybe someone can answer me this question here: If you want to log in on multiple devices at the same time - you need multiple YubiKeys.
I also have a question regarding the YubiKey. Then you can write down the secret for the authentication app in a safe place. What is the most secure way to implement this? Should I use the Yubico Authenticator to use it as an authentication app? If I understand the concept correctly - you have to connect the YubiKey to the device to unlock the authentication app. (in addition to the secret key, master password, region and email address).
You use the YubiKey to enforce that it is required to log in. Now I wonder if it makes any sense to use an ordinary authentication app like Authy because if someone gains access to the smartphone - they will also have the second factor. To enable two-factor authentication in 1Password - there must be at least one app set up that generates the one-time codes. I would like to achieve the highest possible security. I've done some research on YubiKey, the security key that can be used for authentication and is also supported by 1Password.Ĭurrently, I don't have a YubiKey, but I'm thinking about getting one.
0 kommentar(er)
